Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Body Check: Biometrics Defeated

Biometric security devices are supposed to keep us safe. But tests by German technology magazine c't show that even highly touted systems such as retinal scanners are easily defeated, often by absurdly simple means. Reprinted with permission.

Memorizing passwords is out. Laying your finger on a sensor or peering into a webcam can suffice to gain you immediate access to a system. There is the danger, however, that this new ease might be bought at the expense of security. How well do biometric access controls prevent unauthorized access? We have tested eleven products for you.

According to estimates of the IBIA, the international organization of biometric devices and programs suppliers, worldwide turnover of biometric security devices and programs this year will for the first time exceed the 500 million euro limit. Though the growth is primarily being driven by large scale orders by industrial customers and administrative bodies, nevertheless the number of products on the market designed for in-home and in-house PC use is rising.

The range of biometric security access tools for PCs meanwhile extends from mice and keyboards with integrated fingerprint scanners to webcam solutions whose software is able to recognize the facial features of registered persons to scanners that make use of the distinct iris patters of humans for identifying individuals. When the PC is booted the security software that goes with the tool writes itself into the log-on routine expanding the latter to include biometric authentication. In many instances the screen saver is integrated into the routine thus allowing for biometric authentication after breaks from work while the PC is still running. Sophisticated solutions, moreover, permit biometrically-based security protection of specific programs and/or documents.

Further reading

The problem that all biometric security access procedures and devices still have in common, however, is the necessity of establishing fault tolerance limits: When a manufacturer - by making the appropriate hard and software efforts - decides to set his fault tolerance limits very narrowly, this increases his systems security, the user-friendliness of the system, however, is likely to decline in proportion. Should he on the other hand decide from the outset to permit considerable deviation, this will make his system easy to use, but greatly diminish its protective value.